Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

System for and methods of administration of access control to numerous resources and objects

a technology of access control and system, applied in the field of computer system access control, can solve the problems of cumbersome access control and privilege management, affecting the efficiency of information management, and not allowing for massively scalable or sufficiently granular levels of information management, so as to manage the complexity of a large number of resources, facilitate the complexity of a system, and efficiently create, modify and delete groups

Inactive Publication Date: 2007-03-27
ORACLE INT CORP
View PDF11 Cites 49 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0013]A first advantage of the present invention is that it provides a way to manage the complexity of a large number of resources.
[0014]A second advantage of the present invention is that it provides a way to associate and embed attributes and values with resources.
[0015]A third advantage of the present invention is that it provides a way to ease the complexity of a system for users with less advanced computer skills than those of programmers.
[0016]A fourth advantage of the present invention is that it provides a way to manage the complexity of access control to a large number of objects.
[0017]A fifth advantage of the present invention is that it provides a way to efficiently create, modify and delete groups of related resources with similar access control needs in a single operation.
[0018]A sixth advantage of the present invention is that it provides a way to operate various components of the overall system independently of the operating system.

Problems solved by technology

Controlling access to an exponentially growing array of data by an increasing number of users represents one of the greatest challenges facing the future of the Internet.
Access control and privilege management, no matter the form, presents a cumbersome issue for all types of businesses employing the Internet.
Typically, administration tools for access control focus only on the identity of accessors and associated policies, without allowing for massively scalable or sufficiently granular levels of information management.
The amount of data and resources in the next-generation Internet is expected to increase massively, and the complexity of managing those resources will likewise increase.
Associating the “attributes and values” referred to above with requested resources represents a considerable system management issue.
The problems unsophisticated computers users encounter are exacerbated when the number of objects is large.
Access control alone requires complex programs to adjudicate users' attempts to log onto a computer or network.
As the number of objects stored on a system increases, the complexity of this adjudication also increases.
Creating, modifying and deleting groups of related resources can be very complex and inefficient.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System for and methods of administration of access control to numerous resources and objects
  • System for and methods of administration of access control to numerous resources and objects
  • System for and methods of administration of access control to numerous resources and objects

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040]The present invention provides a system for and associated methods of administration of access control to numerous resources and objects. The present invention operates from an “object-centric” view, in contrast with that of the conventional “user-centric” system of access control administration. The system described optimally employs the “Entitlement engine” referred to and incorporated by reference above as an authorization mechanism, however, the present invention may be used by any access management system and also incorporate a wide array of database administration protocols, such as Lightweight Directory Access Protocol (LDAP).

[0041]In certain embodiments, the system includes a special parameter called {super} that is useful in establishing access privilege inheritances. Through the use of {super} and DefaultAccessPrivileges, it is shown that an administrator can control access to resources and objects with great specificity or detail in some parts of the system and more...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Described are systems and methods used for the administration of access control to numerous resources and objects. An administrator may control access to resources and objects in accordance with defined rules using an “object-centric” view. A template may be used for creating and managing access policies to large numbers of resources. The template may use parameters to define instances of a template. Parameters may be used to define variations of the template. Access privileges of a resources may be inherited in accordance with a hierarchy.

Description

[0001]This application claims priority to U.S. Provisional Application Ser. No. 60 / 302,181 filed Jun. 29, 2001, the contents of which are incorporated by reference in their entirety.FIELD OF THE INVENTION[0002]The present invention relates to the administration of computer system access control, and more specifically relates to controlling access to numerous computer resources and objects. Conventional access control systems and their associated methods of operation typically use a “user-centric” orientation. In contrast, the present invention adjudicates user requests from an “object-centric” orientation, specifically designed to address the need for access control to massively numerous computer resources and objects.BACKGROUND OF THE INVENTION[0003]Controlling access to an exponentially growing array of data by an increasing number of users represents one of the greatest challenges facing the future of the Internet. Access control and privilege management, no matter the form, pres...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F12/14G06F17/30G06F15/16G06F9/46
CPCG06F9/468Y10S707/99931
Inventor CICHOWLAS, BRUCE
Owner ORACLE INT CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com